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Estimate  to  complete: 

Milestones  and  Deliveries 


Office  of  Naval  Research 

875  North  Randolph  Street 

Arlington,  VA  22203-1995 

N0001 4-1 6-C-2005 

January  1 , 201 7  -  March  31 , 201 7 

$932,742 

$73,714 

$115,280 

$932,742 


Work  Package 

Milestone  or  Delivery 

Scheduled  Delivery 
or  Completion 

Actual  Date  of  Delivery 
or  Completion 

Attack  Generator 
(UCI) 

Attack  Models 

April  2017 

Pending. 

Functional  Editor 
(SCOT) 

FME  Demonstration 
(Virtual  demo) 

May  2017 

Pending. 

Simulation  Engine 
(SCOT) 

Simulation  Engine 
Demonstration 

August  2017 

Pending. 

Functional 

Modeling  Compiler 
(SCOT) 

FMC  Demonstration 
(In  Princeton) 

October  2017 

Pending. 

Functional 

Modeling  Compiler 
(SCOT) 

FM  Compiler  and  Key 
Performance  Indicators  (KPI) 

May  2018 

Pending. 

Model 

Management 
Backbone  (SCOT) 

MMB  Demonstration 

April  2018 

Pending. 

Agent-based 

Distributed 

Runtime  (UCI) 

ADR  Demonstration 

October  2018 

Pending. 

All 

End-to-end  Use  Case 
Demonstration 

September  2019 

Pending. 

Summary  of  Progress  and  Major  Accomplishments 


Work  Package 

Progress 

Major  Accomplishments 

All 

The  SCOT  and  UCI  teams  held  a 
workshop  on  1/31  at  UCI.  The  following 
topics  were  discussed: 

Described  for  the  individual  work 
packages. 
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Work  Package 

Progress 

Major  Accomplishments 

Definition  of  the  work  plan  for  the 
entire  project  (milestones  and 
deliveries  presented  above). 

Navy  use  case  (Ship  Chilled  Water 
Distribution  System). 

Details  of  the  attack  models,  and 
definition  of  the  content  of  a 
corresponding  research  paper. 
Approaches  to  implement  the  agent- 
based  distributed  runtime. 

KPIs  for  single/multicore  controllers 
and  temporal/spatial  domains. 
Integration  of  the  model  management 
backbone. 

Plan  of  an  internship  for  a  PhD 
student  to  work  on  the  simulation 
engine  at  SCCT  during  the  summer  of 
2017. 

Attack  Generator 
(UCI) 

The  UCI  team  defined  the  following  attack 
models  for  cyber-physical  systems: 

6  basic  attacks  targeting  signals. 

1  basic  attack  targeting  control 
parameters. 

A  model  for  coordinated  attacks  that 
provides  any  combination  of  basic 
attacks  in  order  to  target  robust 
systems  more  effectively. 

The  attack  models  were  implemented  in 
MATLAB/Simulink  as  simulation  models 
and  evaluated  with  an  example  system 
model  of  an  engine  cooling  system. 

The  UCI  team  is  preparing  a  technical 
report  with  the  results  of  the  attack 
generator  work  package. 

The  modelling  approach  consisting  of 
basic  and  coordinated  attack  models 
provides  a  large  set  of  concrete  attack 
models,  exceeding  the  proposed 
number  of  attack  models  to  develop  in 
the  project. 

The  practical  evaluations  in  the 
simulator  show  the  negative  effects  of 
the  attacks  on  the  original  system. 

The  theoretical  definition  of  the 
attacks,  the  implementation  approach 
and  the  early  results  of  the  practical 
evaluation  were  encompassed  in  the 
research  paper  “Modeling  and 

Simulation  of  Cyberattacks  for 

Resilient  Cyber-Physical  Systems”  and 
submitted  for  publication  to  IEEE 
Conference  on  Automation  Science 
and  Engineering  (CASE)  2017. 

Functional  Editor 
(SCCT) 

The  development  of  the  web-based 
functional  modelling  editor  is  close  to 
completion.  The  following  features  have 
been  implemented: 

Hierarchical  block  structure  for  multi¬ 
level  functional  models. 

User-defined  block  types  and 
connection  port  types  for  increased 
modeling  flexibility. 

Automatic  drawing  of  block 
connections. 

Type  checking  for  port  connections 
and  visual  indication  of  type 
mismatches  for  flows. 

Generic  block  attributes  for  specifying 
arbitrary  domain-specific  and 

The  server  of  the  SCCT  prototype  was 
migrated  from  C++  and  SQLite  to 
JavaScript  (Node.js)  and  MongoDB, 
thereby  retaining  or  improving  the 
original  functionality  while  embracing  a 
new  and  modern  software  platform 
that  supports  multiple  operating 
systems  and  deployments  to  cloud 
architectures. 

Block  and  port  templates  can  be 
defined  by  the  user  in  JSON  format 
without  changing  the  application  code. 
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Work  Package 

Progress 

Major  Accomplishments 

application-specific  information  in  the 
functional  model. 

Dynamic  loading  of  block  and  port 
template  definitions  in  JSON  format. 
Portable  and  web-enabled 
implementation  based  on  Node.js  and 
MongoDB 

The  web-based  editor  combines  SVG 
and  HTML  for  optimal  display  of 
graphical  models  and  model  data. 

Functional 

Modeling  Compiler 
(SCCT) 

The  SCCT  team  has  carried  out 
conceptual  work  in  order  to  define  the 
implementation  strategy  for  the  Functional 
Modeling  Compiler.  The  following 
approaches  have  been  studied: 

Functional  model  to  architecture  and 
architecture  to  simulation  conversions 
as  presented  in  “Functional  Model- 
based  Design  Methodology  for 
Automotive  Cyber-Physical  Systems” 
(Wan  et  al.  2014) 

Methods  combining  symbolic 
representations  and  satisfiability 
solvers  (ASP,  SMT),  as  well  as 
constraint  programming. 

The  NIST  Functional  Basis  taxonomy  is 
being  studied  as  a  common  input 
language  for  the  Functional  Modeling 
Compiler. 

The  SCCT  team  has  identified  the 
potential  benefits  of  combining 
algorithmic  and  constraint 
programming  approaches  for  the 
Functional  Modeling  Compiler: 
Generation  of  more  complete 
attack  scenarios  targeting  all 
existing  attack  points  in  the 
system. 

Generation  of  more  complete 
cybersecurity  functions  protecting 
all  existing  attack  points  in  the 
system. 

Optimal  integration  of  control 
functions  and  cybersecurity 
functions. 

Optimal  generation  of  control  code 
for  the  important  KPIs  under 
consideration. 

Simulation  Engine 
(SCCT) 

SCCT  has  obtained  licenses  for  LMS 
Amesim,  and  is  currently  in  the  process  of 
obtaining  licenses  for  MATLAB/Simulink. 

Work  has  not  started. 

The  plan  for  working  on  the  simulation 
engine  was  defined  during  the  workshop 
at  UCI.  The  attack  models  from  the  Attack 
Generator  work  package  will  be  combined 
with  the  generated  models  from  the 
Functional  Modeling  Compiler  as  a  first 
step. 

Agent-based 

Distributed 

Runtime 

(UCI) 

Not  started. 

Model 

Management 
Backbone  (SCCT) 

Not  started. 
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Anticipated  Problems 


Work  Package 

Explanation  of  Anticipated 

Problem 

Actions  Being  Taken  to  Correct 

Problem 

Attack  Generator 
(UCI) 

The  request  to  ONR  for  the 
determination  on  fundamental 
research  required  by  UCI  caused  a 
delay  in  the  work  plan. 

The  UCI  team  concentrated  its  efforts  on 
the  Attack  Generator  work  package  in 
order  to  deliver  results  by  the  end  of  April 
2017.  The  work  on  the  Simulation  Engine 
has  been  scheduled  for  the  summer  of 

2017. 

Attack  Generator 
(UCI) 

The  modeling  of  the  control 
parameter  attack  models  currently 
requires  some  modification  to 

Simulink  blocks. 

The  MATLAB/Simulink  API  for  interacting 
with  Simulink  models  will  be  studied  further 
in  order  to  develop  a  solution  that  works 
with  standard  MATLAB/Simulink  blocks 
without  modification. 

Functional  Editor 
(SCCT) 

The  migration  to  Node.js  has  caused 
some  synchronization  issues  in  the 
web-based  editor. 

The  current  implementation  using  timeouts 
will  be  modified  to  use  synchronization 
functions. 

Points  of  Contact 


Technical 

Dr.  Gustavo  Quiros 

Siemens  Corporation,  Corporate  Technology 
755  College  Road  East,  Princeton,  NJ  08540 
Phone: (609)  216-5497 
gustavo.quiros@siemens.com 


Administrative 
Mr.  Samuel  Roods 

Siemens  Corporation,  Corporate  Technology 
755  College  Road  East,  Princeton,  NJ  08540 
Phone:  (609)  734-3575 
samuel.roods@siemens.com 
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